-- The MAILING DATE of this communication appears on the cover sheet with the correspondence address --

All claims being allowable, PROSECUTION ON THE MERITS IS (OR REMAINS) CLOSED in this application. If not included 
herewith (or previously mailed), a Notice of Allowance (PTOL-85) or other appropriate communication will be mailed in due course. THIS 
NOTICE OF ALLOWABILITY IS NOT A GRANT OF PATENT RIGHTS. This application is subject to withdrawal from issue at the initiative 
of the Office or upon petition by the applicant. See 37 CFR 1.313 and MPEP 1308. 

1. This communication is responsive to 12/03/08.

2. The allowed claim(s) is/are 1, 5-9, 11, 12, 15-17 and 26-29.

3. □ Acknowledgment is made of a claim for foreign priority under 35 U.S.C. § 119(a)-(d) or (f). 

a) □ All b) □ Some* c) □ None of the:

1. □ Certified copies of the priority documents have been received. 

2. □ Certified copies of the priority documents have been received in Application No. . 

3. □ Copies of the certified copies of the priority documents have been received in this national stage application from the 

International Bureau (PCT Rule 17.2(a)). 
* Certified copies not received: . 

Applicant has THREE MONTHS FROM THE "MAILING DATE" of this communication to file a reply complying with the requirements 
noted below. Failure to timely comply will result in ABANDONMENT of this application. 
THIS THREE-MONTH PERIOD IS NOT EXTENDABLE. 

4. □ A SUBSTITUTE OATH OR DECLARATION must be submitted. Note the attached EXAMINER'S AMENDMENT or NOTICE OF 

INFORMAL PATENT APPLICATION (PTO-152) which gives reason(s) why the oath or declaration is deficient. 

5. □ CORRECTED DRAWINGS (as "replacement sheets") must be submitted.

(a) □ including changes required by the Notice of Draftsperson's Patent Drawing Review (PTO-948) attached

1) □ hereto or 2) □ to Paper No./Mail Date .

(b) □ including changes required by the attached Examiner's Amendment / Comment or in the Office action of 

Paper No./Mail Date . 

Identifying indicia such as the application number (see 37 CFR 1.84(c)) should be written on the drawings in the front (not the back) of 
each sheet. Replacement sheet(s) should be labeled as such in the header according to 37 CFR 1.121(d). 

6. □ DEPOSIT OF and/or INFORMATION about the deposit of BIOLOGICAL MATERIAL must be submitted. Note the 

attached Examiner's comment regarding REQUIREMENT FOR THE DEPOSIT OF BIOLOGICAL MATERIAL. 



Attachment(s) 

1. ☒ Notice of References Cited (PTO-892) 

2. □ Notice of Draftperson's Patent Drawing Review (PTO-948) 

3. □ Information Disclosure Statements (PTO/SB/08), 
Paper No./Mail Date 

4. □ Examiner's Comment Regarding Requirement for Deposit 
of Biological Material 

5. □ Notice of Informal Patent Application 

6. □ Interview Summary (PTO-413), 
Paper No./Mail Date . 

7. ☒ Examiner's Amendment/Comment 

8. □ Examiner's Statement of Reasons for Allowance 

9. □ Other . 

/Beemnet W Dada/ 
Examiner, Art Unit 2435 

EXAMINER'S AMENDMENT 

An examiner's amendment to the record appears below. Should the changes and/or 
additions be unacceptable to applicant, an amendment may be filed as provided by 37 CFR 
1.312. To ensure consideration of such an amendment, it MUST be submitted no later than the 
payment of the issue fee. 

Authorization for this examiner's amendment was given in a telephone interview with 
Christopher Holt, Reg. No. 45,844 on March 6, 2009. 



The application has been amended as follows: 
In the claims: 



12. (Currently Amended) A computer-implemented method for enhancing the security of 
communication over a network, the method comprising: 

receiving a set of authentication credentials from a user; 

applying a collection of security privileges to the set of authentication credentials to 
determine if the user is authorized to carry out a request wherein applying 
comprises applying based at least in part upon a role-based determination that 
involves referencing a record that assigns access privileges to various roles that 
can be assumed by the user; 

generating a public key and a corresponding private key; 

storing the private key; 

transmitting the public key over the network to a registration service; 

receiving from the registration service a security certificate that includes the public key; 

transmitting the security certificate over the network to an entity with which a channel of 
communication is desired; 

receiving from the entity a session ticket encrypted with the public key; 

decrypting the session ticket with the private key; 

using the session ticket as an authenticator for subsequent communications with the 
entity, wherein using the session ticket comprises using the session ticket as a 
cryptography key for encrypting or decrypting messages; 

wherein receiving a session ticket from the entity comprises receipt of the session ticket 
by a first computing device; 

wherein decrypting the session ticket with the private key is a function that occurs via 
processing executed by the first computing device; 

wherein using the session ticket as an authenticator further comprises using the session 
ticket as an authenticator for subsequent communications between the entity and 
the first computing device; and 

wherein transmitting the security certificate over the network comprises transmitting the 
security certificate to a service provider configured to extend the functionality of a software 
application by remotely providing a service. 

14. (Cancelled). 



15. (Currently Amended) The method of claim 12, wherein using the session ticket 
comprises using the session ticket to secure communications with the service provider. 

26. (Currently Amended) A computer-implemented method for enhancing the security of 
communication over a network between multiple peer application hosts, the method comprising: 

receiving a set of authentication credentials from a user; 

applying a collection of security privileges to the set of authentication credentials to 
determine if the user is authorized to carry out a request wherein applying 
comprises applying based at least in part upon a role-based determination that 
involves referencing a record that assigns access privileges to various roles that 
can be assumed by the user; 

receiving a security certificate from a first application host; 

transmitting the security certificate over the network to an entity with which a channel of 
communication is desired; 

generating a session ticket; 

encrypting the session ticket with a public key contained in the security certificate; 

transmitting the session ticket to the first application host; 

receiving a message from the first application host, the message being at least partially 
encrypted in accordance with the session key prior to its being encrypted with the 
public key; 

wherein said steps of receiving a security certificate, generating, encrypting, transmitting, 
and receiving a message are all conducted via processing by the same 
computing device; and 

wherein transmitting the security certificate over the network comprises transmitting the 
security certificate to a service provider configured to extend the functionality of a 
software application by remotely providing a service. 

Conclusion 

Any inquiry concerning this communication or earlier communications from the examiner 
should be directed to BEEMNET W. DADA whose telephone number is (571) 272-3847. The 
examiner can normally be reached on Monday - Friday (9:00 am - 5:30 pm). 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Kim Y. Vu can be reached on (571) 272-3859. The fax phone number for the 
organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private 
PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you 
would like assistance from a USPTO Customer Service Representative or access to the 
automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 

/Beemnet W Dada/ 
Examiner, Art Unit 2435 
March 9, 2009 



